In Depth

Succession Planning for Security Departments

Survival of the fittest may work in the animal kingdom, but grooming the next generation of CSOs requires a substantial investment of time, a sincere interest in employee development and a dash of humility. Are you ready for succession planning?

By Daintry Duffy

The transparency of the process depends largely on the corporate culture that you're working within. Many companies keep their candidate list completely confidential, sharing it only with top management for fear that the process will become too political or open the department up to be cherry-picked by headhunters. Other companies make selecting executive successors a more open process where each candidate gets an annual or biannual review indicating what he needs to do to prepare himself to take on the CSO role. Regardless of which method you choose, the criteria for the CSO role should not be treated like a trade secret. If you want employees to aspire to be future security leaders, they have to understand the standards and expectations against which they will be judged.

The goal for Burrill and for many of the CSOs we interviewed is to build a succession plan that's so solid that they never have to look outside the company for a security executive candidate. "If we got it right, we should be able to home grow our own head of security," says Burrill. "If we had to go out to the public sector [to hire candidates], I would consider it a failure because they would have to adjust to our business environment and quite a lot of them never will. Over time that can cripple an entire function."

Plan from the Top...

A good succession plan should be two things: mandated from the top down and then built from the bottom up. Management support and leadership are critical to validating the plan and creating accountability. Sound recruitment and retention policies are crucial to bringing good people into the system.

Few CSOs have the luxury of choosing their successors without a good deal of input from management, so it's important that the process is steered by corporate leadership. "It has to be driven from the top, by the board of directors, the chairman and the CEO. It can't be driven by the CSO," says Bruckman. "All he can do is make a really good case for one particular candidate."

At Merck, CEO Ray Gilmartin is within two years of retirement and has set an example of succession planning for his management team by announcing that his successor will come from within. Gilmartin has stressed the importance of developing leaders internally by acknowledging that when he was brought in from the outside in 1994 it was far more disruptive to the organization than an internal appointment would have been. Merck CSO Bob Moore believes that Gilmartin's strategy applies equally to the security function. "There is a lot of disruption when you bring someone in from the outside to head up security. And to be brutally frank, if a company doesn't develop from within, it points to a lack of planning on its part."
